I was trying to configure Azure AD and Atlassian cloud for SAML single sign-on and I thought it configured correctly. But I may have configured two tenants.
When I try to login as an Atlassian administrator I get the following error:
Request Id: daa2afe1-b25c-458f-8def-de39110a0300
Correlation Id: 534761d7-b271-4245-b857-a2fcdfda7877
Message: AADSTS700016: Application with identifier 'https://auth.atlassian.com/saml/ceffa91e-a55e-4ab4-b185-60119714b336' was not found in the directory 'c8a43e29-f09d-477a-8567-335b11f6596a'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
I can't login to Support to request help, so I'm hoping a support person in the community will help me out. I need to get this resolved as soon as possible since none of our users can login.
My loginID for the Atlassian Community is the same email address that is used for my company's Atlassian account. So when I click on https://support.atlassian.com/contact/#/ I'm prompted for my email address and I get the SSO error and can't login to create a request.
Is there another way to submit a support request using my Atlassian Community account?
We've opened a request for you directly - you should have received an email just a moment ago with the case details. Although it seems that you're not able to log in currently due to the SAML misconfiguration, you should be able to interact with the support request over email.
Daniel | Atlassian Support
I just encountered the same issue as Tom above.
Request Id: f754459e-6c9d-43b7-8bd7-2b10c13d2300
Correlation Id: d3d5e7f5-b151-4fb7-985c-debe7fea9dfe
Message: AADSTS700016: Application with identifier 'https://auth.atlassian.com/saml/f2cf43c8-d0ef-4426-a112-ab3664221dc6' was not found in the directory 'b063e3ea-b036-4592-8de4-67f7b977b037'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
Could you give me a hint how to proceed?
I can see you've opened a case in our support system as well - thanks! For this type of error, our internal support team is best suited to assist as they ensure the right accounts have administrator access in your Cloud site to make the appropriate SAML changes. They'll have you sorted soon!
Same here, answer was to take the tenant id that appears in the login error, append it to https://auth.atlassian.com/saml/<<tenant id>> and put that in the Basic SAML Configuration \ Identifier (Entity ID) field. And for the 'Reply URL', to append it to https://auth.atlassian.com/login/callback?connection=saml/<<tenant id>>
The main advice I can give on how to avoid this error is to make sure you add an administrator account to JIRA that is from a different domain BEFORE you make any changes to enable single sign-on. The JIRA documentation mentions this, but it's not very prominent.
I didn't, so when I mistakenly added another tenant and locked myself out, I couldn't log in and remove the bad tenant to restore my access.
To make it even worse, I couldn't submit a support ticket online because I couldn't log in to my Atlassian account to submit it. I had to call the support number and leave a voicemail.
I've also landed with this problem with our corporate account.
Support ticket raised via my personal Atlassian account, fingers cross the support team can turn off SSO so I can get back in a resolved the underlying problem - other than my inability to follow instructions....
I directly contacted the Atlassian Cloud support.
The first step to obtain access again is to add a new User with from another Domain to your Atlassian cloud system. With the new user it is possible to fix the settings.
(At which step I'm right now)
I'm not quiet sure if this can be done on yourself.
Here I'd also recommend to go directly for the Atlassian Cloud Support.